OLD | NEW |
---|---|
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/policy_target.h" | 5 #include "sandbox/win/src/policy_target.h" |
6 | 6 |
7 #include "sandbox/win/src/crosscall_client.h" | 7 #include "sandbox/win/src/crosscall_client.h" |
8 #include "sandbox/win/src/ipc_tags.h" | 8 #include "sandbox/win/src/ipc_tags.h" |
9 #include "sandbox/win/src/policy_engine_processor.h" | 9 #include "sandbox/win/src/policy_engine_processor.h" |
10 #include "sandbox/win/src/policy_low_level.h" | 10 #include "sandbox/win/src/policy_low_level.h" |
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
72 // called before the actual call to LowerToken. | 72 // called before the actual call to LowerToken. |
73 NTSTATUS WINAPI TargetNtSetInformationThread( | 73 NTSTATUS WINAPI TargetNtSetInformationThread( |
74 NtSetInformationThreadFunction orig_SetInformationThread, HANDLE thread, | 74 NtSetInformationThreadFunction orig_SetInformationThread, HANDLE thread, |
75 NT_THREAD_INFORMATION_CLASS thread_info_class, PVOID thread_information, | 75 NT_THREAD_INFORMATION_CLASS thread_info_class, PVOID thread_information, |
76 ULONG thread_information_bytes) { | 76 ULONG thread_information_bytes) { |
77 do { | 77 do { |
78 if (SandboxFactory::GetTargetServices()->GetState()->RevertedToSelf()) | 78 if (SandboxFactory::GetTargetServices()->GetState()->RevertedToSelf()) |
79 break; | 79 break; |
80 if (ThreadImpersonationToken != thread_info_class) | 80 if (ThreadImpersonationToken != thread_info_class) |
81 break; | 81 break; |
82 if (!thread_information) | |
83 break; | |
84 HANDLE token; | |
85 if (sizeof(token) > thread_information_bytes) | |
86 break; | |
87 | |
88 NTSTATUS ret = CopyData(&token, thread_information, sizeof(token)); | |
89 if (!NT_SUCCESS(ret) || NULL != token) | |
90 break; | |
91 | |
cpu_(ooo_6.6-7.5)
2015/02/28 02:13:53
can you remind me of why this removal?
Shrikant Kelkar
2015/02/28 02:33:46
I forgot the exact number, but a call from wininet
| |
92 // This is a revert to self. | 82 // This is a revert to self. |
93 return STATUS_SUCCESS; | 83 return STATUS_SUCCESS; |
94 } while (false); | 84 } while (false); |
95 | 85 |
96 return orig_SetInformationThread(thread, thread_info_class, | 86 return orig_SetInformationThread(thread, thread_info_class, |
97 thread_information, | 87 thread_information, |
98 thread_information_bytes); | 88 thread_information_bytes); |
99 } | 89 } |
100 | 90 |
101 // Hooks NtOpenThreadToken to force the open_as_self parameter to be set to | 91 // Hooks NtOpenThreadToken to force the open_as_self parameter to be set to |
(...skipping 16 matching lines...) Expand all Loading... | |
118 ACCESS_MASK desired_access, BOOLEAN open_as_self, ULONG handle_attributes, | 108 ACCESS_MASK desired_access, BOOLEAN open_as_self, ULONG handle_attributes, |
119 PHANDLE token) { | 109 PHANDLE token) { |
120 if (!SandboxFactory::GetTargetServices()->GetState()->RevertedToSelf()) | 110 if (!SandboxFactory::GetTargetServices()->GetState()->RevertedToSelf()) |
121 open_as_self = FALSE; | 111 open_as_self = FALSE; |
122 | 112 |
123 return orig_OpenThreadTokenEx(thread, desired_access, open_as_self, | 113 return orig_OpenThreadTokenEx(thread, desired_access, open_as_self, |
124 handle_attributes, token); | 114 handle_attributes, token); |
125 } | 115 } |
126 | 116 |
127 } // namespace sandbox | 117 } // namespace sandbox |
OLD | NEW |